<?php
/**************************************************************************************************
|
| AudioShare - Audio Sharing Script
| http://www.audiosharescript.com
| webmaster@audiosharescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.audiosharescript.com/eula.html and to be bound by it.
|
| Copyright (c) 2010 AudioShareScript.com. All rights reserved.
|**************************************************************************************************/

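// Edit form and update handler for one audio record of the logged-in member.
//
// $error and $message are read further down ($error == "" gates the UPDATE, and both are
// handed to the templates) but were only assigned on some paths. They get a defined empty
// value here, before the includes run, so that anything the includes set is kept, the later
// reads never hit an undefined variable, and on hosts that import request variables into
// the global scope (register_globals) a request parameter cannot pre-seed either of them.
// NOTE(review): if include/config.php imports request variables itself, check it as well.
$error = "";
$message = "";

include("include/config.php");
include("include/functions/import.php");
$thebaseurl = $config['baseurl'];

// Only a logged-in session may continue; everybody else is redirected to the login page.
// The array keys are quoted: the bare words USERID and editaudio were parsed as constants,
// which falls back to the same string with a notice on old PHP and is a fatal error on PHP 8.
// NOTE(review): no constant of either name is defined in this file - confirm the includes
// do not define one.
if ($_SESSION['USERID'] != "" && $_SESSION['USERID'] >= 0 && is_numeric($_SESSION['USERID']))
{
	// NOTE(review): the check above proves only that somebody is logged in. The SELECT,
	// DELETE and UPDATE below key on the request-supplied AUDIOID alone; nothing in this file
	// ties the record to $_SESSION['USERID']. Unless ownership is enforced somewhere not
	// visible here, any logged-in account can load and change another member's audio. Every
	// query should also match the record's owner column (its name is not visible here)
	// against the session user, and the request should be refused when no row matches.
	$AUDIOID = $_REQUEST['AUDIOID'];

	// is_numeric() also accepts forms such as "1.5" or "1e3"; the value is still quoted and
	// escaped wherever it is placed into SQL below.
	if ($AUDIOID != "" && $AUDIOID >= 0 && is_numeric($AUDIOID))
	{
		// NOTE(review): mysql_real_escape_string() belongs to the ext/mysql API that was
		// removed in PHP 7. $conn looks like an ADOdb-style connection (execute/getarray);
		// if it supports bound parameters, prefer them over string-built SQL.
		$query = "SELECT * FROM audios WHERE AUDIOID='".mysql_real_escape_string($AUDIOID)."'";
		$executequery = $conn->execute($query);
		$audioarray = $executequery->getarray();
		STemplate::assign('audioarray',$audioarray);

		// NOTE(review): the edit runs for any request that carries "editaudio" ($_REQUEST
		// includes GET parameters) and no anti-forgery token is checked in this file, so a
		// cross-site request sent with the member's session would be accepted. Require POST
		// and a per-session token before changing anything.
		if($_REQUEST['editaudio']!="")
		{
			// Each field is stripped of tags and entity-encoded, then passed through escape()
			// (defined elsewhere, behaviour not visible here). The text is therefore stored
			// already HTML-encoded.
			$title = htmlentities(strip_tags($_REQUEST['title']),ENT_QUOTES,'UTF-8');
			$title = escape($title);
			$description = htmlentities(strip_tags($_REQUEST['description']),ENT_QUOTES,'UTF-8');
			$description = escape($description);
			$tags = htmlentities(strip_tags($_REQUEST['tags']),ENT_QUOTES,'UTF-8');
			$tags = escape($tags);
			$category = htmlentities(strip_tags($_REQUEST['category']),ENT_QUOTES,'UTF-8');
			$category = escape($category);
			$public = htmlentities(strip_tags($_REQUEST['public']),ENT_QUOTES,'UTF-8');
			$public = escape($public);
			$allowcomments = htmlentities(strip_tags($_REQUEST['allowcomments']),ENT_QUOTES,'UTF-8');
			$allowcomments = escape($allowcomments);
			$allowratings = htmlentities(strip_tags($_REQUEST['allowratings']),ENT_QUOTES,'UTF-8');
			$allowratings = escape($allowratings);
			$allowembeds = htmlentities(strip_tags($_REQUEST['allowembeds']),ENT_QUOTES,'UTF-8');
			$allowembeds = escape($allowembeds);
			$allowdownloads = htmlentities(strip_tags($_REQUEST['allowdownloads']),ENT_QUOTES,'UTF-8');
			$allowdownloads = escape($allowdownloads);

			// Optional numeric settings: a column is added to the UPDATE only when the request
			// supplied a non-empty, non-negative numeric value for it.
			$addtosql = "";
			if ($category != "" && $category >= 0 && is_numeric($category))
			{
				$addtosql .= ", categories='".mysql_real_escape_string($category)."'";
			}
			if ($public != "" && $public >= 0 && is_numeric($public))
			{
				$addtosql .= ", public='".mysql_real_escape_string($public)."'";

				// Setting public to 0 also removes the audio from every channel. This DELETE
				// runs before the $error check below and, like the other queries, is not
				// limited to the session user's own records.
				if ($public == "0")
				{
					$query = "DELETE FROM channels_audios WHERE AUDIOID='".mysql_real_escape_string($AUDIOID)."'";
					$conn->Execute($query);
				}
			}
			if ($allowcomments != "" && $allowcomments >= 0 && is_numeric($allowcomments))
			{
				$addtosql .= ", allowcomments='".mysql_real_escape_string($allowcomments)."'";
			}
			if ($allowratings != "" && $allowratings >= 0 && is_numeric($allowratings))
			{
				$addtosql .= ", allowratings='".mysql_real_escape_string($allowratings)."'";
			}
			if ($allowembeds != "" && $allowembeds >= 0 && is_numeric($allowembeds))
			{
				$addtosql .= ", allowembeds='".mysql_real_escape_string($allowembeds)."'";
			}
			if ($allowdownloads != "" && $allowdownloads >= 0 && is_numeric($allowdownloads))
			{
				$addtosql .= ", allowdownloads='".mysql_real_escape_string($allowdownloads)."'";
			}

			// AUDIOID is interpolated into the link below, so it is encoded once more here even
			// though it already passed the numeric check.
			$AUDIOID = htmlentities(strip_tags($AUDIOID));

			if ($error == "")
			{
				$query="UPDATE audios SET title='".mysql_real_escape_string($title)."', description='".mysql_real_escape_string($description)."', tags='".mysql_real_escape_string($tags)."' $addtosql WHERE AUDIOID='".mysql_real_escape_string($AUDIOID)."'";
				$conn->execute($query);

				// $message carries markup on purpose (a link back to this page); the template
				// must therefore output it unescaped, which is why it may never hold request data.
				$message = "$lang[822] <a href=\"$thebaseurl/myaudiosedit.php?AUDIOID=$AUDIOID\">$lang[823]</a>";
			}
		}
		$templateselect = "myaudiosedit.tpl";
	}
	else
	{
		// Missing or non-numeric AUDIOID: show the generic error page.
		$error = "$lang[824]";
		$templateselect = "playaudioerror.tpl";
	}
}
else
{
	// Not logged in. exit stops the script so nothing below runs after the redirect header.
	header("Location:$config[baseurl]/login.php");
	exit;
}

STemplate::assign('pagetitle',"$lang[825]");

//TEMPLATES BEGIN
STemplate::assign('error',$error);
STemplate::assign('message',$message);
STemplate::display('header.tpl');
STemplate::display($templateselect);
STemplate::display('footer.tpl');
//TEMPLATES END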
?>